Description

Install, configure, and use Corust Agent (corust-agent-acp) — an ACP-compatible coding agent. Use when: the user wants to install, configure, set up, or use...

README (SKILL.md)

Corust Agent Skill

Name: Corust Agent Configure
Author: phoenix500526

Install and configure corust-agent-acp, an ACP-compatible coding agent by Corust AI.

When to Use

✅ USE this skill when:

User wants to install or update corust-agent-acp
User wants to configure corust / corust-agent in OpenClaw
User says "install corust", "configure corust-agent", "use corust-agent-acp", or similar
User wants to run corust-agent via ACP on Discord or other channels

❌ DON'T use this skill when:

User is asking about other ACP agents (claude, codex, gemini)
User is troubleshooting general ACP/acpx issues unrelated to Corust

Setup Steps

Follow these steps in order to install and configure corust-agent-acp.

Step 1: Download and Install the Binary

Detect the current platform and architecture:
- macOS ARM (Apple Silicon / M1+): darwin-arm64
- macOS Intel: darwin-amd64
- Linux x86_64: linux-amd64
- Linux ARM64: linux-arm64
Ask the user where they want to install the binary. Default: $HOME/corust.

Download the latest release from GitHub:

# Example for macOS Apple Silicon
mkdir -p "$HOME/corust"
curl -fSL "https://github.com/Corust-ai/corust-agent-release/releases/latest/download/agent-darwin-arm64.tar.gz" \
  -o /tmp/corust-agent.tar.gz
tar -xzf /tmp/corust-agent.tar.gz -C "$HOME/corust"
chmod +x "$HOME/corust/corust-agent-acp"
rm /tmp/corust-agent.tar.gz

Adjust the archive name based on detected platform:

agent-darwin-arm64.tar.gz — macOS Apple Silicon
agent-darwin-amd64.tar.gz — macOS Intel
agent-linux-amd64.tar.gz — Linux x86_64
agent-linux-arm64.tar.gz — Linux ARM64

Verify the binary works:

"$HOME/corust/corust-agent-acp" --version

Step 2: Configure acpx

Write the following to ~/.acpx/config.json (create the file and directory if they don't exist). Replace $HOME with the actual resolved home directory path.

{
  "agents": {
    "corust-agent-acp": { "command": "$HOME/corust/corust-agent-acp" }
  }
}

Important: If ~/.acpx/config.json already exists and contains other agent entries, merge the corust-agent-acp entry into the existing agents object rather than overwriting the file.

mkdir -p ~/.acpx
# Read existing config, merge, and write back

Step 3: Configure OpenClaw

Add the following configuration to ~/.openclaw/openclaw.json. Use openclaw config set commands or edit the file directly. Merge into existing config — do not overwrite unrelated sections.

ACP configuration:

{
  "acp": {
    "enabled": true,
    "dispatch": {
      "enabled": true
    },
    "backend": "acpx",
    "defaultAgent": "corust-agent-acp",
    "allowedAgents": [
      "corust-agent-acp"
    ],
    "maxConcurrentSessions": 8,
    "stream": {
      "coalesceIdleMs": 300,
      "maxChunkChars": 1200
    },
    "runtime": {
      "ttlMinutes": 120
    }
  }
}

ACPX plugin configuration:

{
  "plugins": {
    "entries": {
      "acpx": {
        "enabled": true,
        "config": {
          "permissionMode": "approve-all",
          "nonInteractivePermissions": "deny"
        }
      }
    }
  }
}

Step 4: Tell the User How to Configure Discord

After completing the above steps, instruct the user on Discord setup. Do NOT run these commands automatically — only tell the user what to do.

Provide the following instructions:

Discord Configuration

Enable ACP thread spawning and open DM access:

openclaw config set channels.discord.threadBindings.spawnAcpSessions true
openclaw config set channels.discord.allowFrom '["*"]'

Enable thread creation permissions in Discord:

Go to your Discord server → channel settings → Permissions, and ensure the bot role has:
- Create Public Threads — enabled
- Create Private Threads — enabled
- Send Messages in Threads — enabled
Start using Corust Agent:

In any text channel, mention the bot and say:

@Bot run corust

The bot will spawn a corust-agent-acp session in a new thread and begin working on your task.

Troubleshooting

"acpx command not found": Ensure the ACPX plugin is enabled and the gateway has been restarted after configuration changes.
Agent binary not found: Verify the path in ~/.acpx/config.json points to the correct binary location and the file is executable (chmod +x).
Discord "Not authorized": Run openclaw config set channels.discord.allowFrom '["*"]' and restart the gateway.
Network issues (proxy): If Discord connections fail, set openclaw config set channels.discord.proxy "http://127.0.0.1:\x3Cport>" with your local proxy port. Also consider enabling TUN mode on your proxy client for full coverage.

Usage Guidance

This skill appears to do what it says (install and wire up corust-agent) but includes two points you should review before installing: (1) it downloads and runs a binary from a remote GitHub 'latest' release — verify the release source, prefer a pinned version, and check signatures or checksums before executing; consider downloading manually and inspecting or running in a sandbox/container; (2) it recommends making OpenClaw/ACPX/Discord settings permissive (channels.discord.allowFrom ['*'], permissionMode 'approve-all') which can let untrusted users spawn agents or give agents broad approval. Instead, restrict allowFrom to specific channels or roles, avoid 'approve-all' unless you fully trust your environment, back up existing ~/.acpx and ~/.openclaw configs before merging, and test changes in a staging environment. If you lack confidence in the GitHub repo's authenticity, ask the vendor for signed releases or hashes, or run the agent binary under a limited user/VM.

Capability Analysis

Type: OpenClaw Skill Name: corust-agent Version: 1.0.0 The skill downloads and executes a binary from an external GitHub repository (Corust-ai/corust-agent-release) and instructs the user to configure highly permissive security settings in SKILL.md. Specifically, it recommends setting 'channels.discord.allowFrom' to '["*"]' and the ACPX plugin 'permissionMode' to 'approve-all', which allows any Discord user to trigger agent actions and grants the agent broad execution authority. While these actions are documented as part of the setup process for a remote coding agent, they represent significant security risks (unauthorized access and potential RCE) that lack sufficient safeguards.

Capability Assessment

✓ Purpose & Capability

The skill's name and description match the actions in SKILL.md: downloading a corust-agent binary, placing it under $HOME/corust, and configuring ACPX/OpenClaw. The declared required binaries (curl, tar) fit the stated installation steps and no unrelated credentials or binaries are requested.

⚠ Instruction Scope

Instructions include expected setup tasks (download, extract, mark executable, write/merge ~/.acpx/config.json and ~/.openclaw/openclaw.json). However the guidance also tells administrators to enable broadly permissive settings: channels.discord.allowFrom '[["*"]]' and an ACPX plugin config with permissionMode 'approve-all'. Those configuration changes expand who/what can spawn agent sessions and may expose the system to untrusted inputs. The skill also instructs executing an unsigned remote binary fetched via the 'latest' GitHub release URL without guidance to verify checksums or signatures.

ℹ Install Mechanism

There is no formal install spec — the SKILL.md instructs using curl to download a tar.gz from GitHub Releases and extracting it. Using GitHub Releases is common and reasonable, but downloading and executing a remote binary (especially via the 'latest' redirect) is nontrivial risk unless the release is signed or checksums are verified. The instruction to extract and run the binary is proportionate to the purpose but should advise integrity verification.

✓ Credentials

The skill requests no environment variables or credentials and only modifies user-level config files under the home directory. There are no unexplained secret requests or cross-service keys in the manifest.

⚠ Persistence & Privilege

The skill itself is not 'always:true' and requests no special platform privileges, but it explicitly directs changing global OpenClaw/ACPX/Discord settings that increase agent invocation reach (allowFrom ['*'], permissionMode 'approve-all', enabling ACP dispatch/threads). Combined with default autonomous agent invocation, these recommended config changes broaden the system's attack surface and risk unauthorized agent starts.

Version History

v1.0.0

Initial release: install, configure, and use corust-agent-acp

Metadata

Slug corust-agent

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Corust Agent Configure?

Install, configure, and use Corust Agent (corust-agent-acp) — an ACP-compatible coding agent. Use when: the user wants to install, configure, set up, or use... It is an AI Agent Skill for Claude Code / OpenClaw, with 109 downloads so far.

How do I install Corust Agent Configure?

Run "/install corust-agent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Corust Agent Configure free?

Yes, Corust Agent Configure is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Corust Agent Configure support?

Corust Agent Configure is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Corust Agent Configure?

It is built and maintained by Phoenix (@phoenix500526); the current version is v1.0.0.

More Skills

Corust Agent Configure